eBay security flaw has existed for months "Buy it now" button Listings clicked on eBay automatically directed users to malicious websites
A flaw that has exposed eBay customers to malicious websites has been affecting the site since at least February, the BBC has found. Earlier this week it was revealed how clicking on some listings automatically redirected users to the harmful sites. EBay removed several posts, but said it was an isolated incident. But the BBC has since found multiple listings, from multiple users, exploiting the same vulnerability. Furthermore, several readers contacted the BBC detailing complaints they had made to the site. In a statement, eBay said it had a dedicated team working on security, but that criminals "intentionally adapt their code and tactics to try to stay ahead of the most sophisticated security systems". 'Big problem' A transcript from February this year showed user Paul Castle explaining the issue, in detail, to eBay support staff. "I was just browsing in Digital Cameras and came across a password-harvesting scam," wrote Mr Castle during the online chat with eBay support staff. Clicking on the listing link, Mr Castle explained, "transfers immediately to a password harvest scam page". http://www.bbc.com/news/technology-29279213 Note: I couldn't sign in to Ebay yesterday without changing my sign in name and password. Ebay "assigned" me a new name! ROFL! Gerry _______________________________________ http://www.okiebenz.com To search list archives http://www.okiebenz.com/archive/ To Unsubscribe or change delivery options go to: http://mail.okiebenz.com/mailman/listinfo/mercedes_okiebenz.com All posts are the result of individual contributors and as such, those individuals are responsible for the content of the post. The list owner has no control over the content of the messages of each contributor.